Critical Flaws Found in VxWorks RTOS That Powers Over 2 Billion Devices

Security researchers have discovered almost a dozen zero-day vulnerabilities in VxWorks, one of the most widely used real-time operating systems (RTOS) for embedded devices that powers over 2 billion devices across aerospace, defense, industrial, medical, automotive, consumer electronics, networking, and other critical industries. According to a new report Armis researchers shared with TheSource...

Continuar lendo

Judge Rules No Jail Time for WannaCry ‘Killer’ Marcus Hutchins, a.k.a. MalwareTech

Marcus Hutchins, better known as MalwareTech, has been sentenced to "time served" and one year of supervised release for developing and selling the Kronos banking malware. Yes, Hutchins will not go to prison, United States District Judge J.P. Stadtmueller ruled today in Milwaukee County Court, after describing his good work as "too many positives on the other side of the ledger." In responseSource...

Continuar lendo

Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)

Are you using LibreOffice? You should be extra careful about what document files you open using the LibreOffice software over the next few days. That's because LibreOffice contains a severe unpatched code execution vulnerability that could sneak malware into your system as soon as you open a maliciously-crafted document file. LibreOffice is one of the most popular and open sourceSource...

Continuar lendo

Ransomware Attack Caused Power Outages in the Biggest South African City

Yesterday, some residents of Johannesburg, the largest city in South Africa, were left without electricity after the city's power company got attacked by a ransomware virus. City Power, the company responsible for powering South Africa's financial capital Johannesburg, confirmed Thursday on Twitter that it had been hit by a Ransomware virus that had encrypted all of its databases, applicationsSource...

Continuar lendo

Silk Road Admin Sentenced to 78 Months in Prison On Drug Trafficking Charges

An Irish national has been jailed for six-and-a-half years for his role as one of the administrators and forum moderators who helped run now-defunct dark web marketplace "Silk Road." Gary Davis, 31, of Wicklow, Ireland, was known as 'Libertas' on the Silk Road website, then-largest underground black marketplace on the Internet used by thousands of people to buy and sell drugs and otherSource...

Continuar lendo

Your Android Phone Can Get Hacked Just By Playing This Video

Are you using an Android device? Beware! You should be more careful while playing a video on your smartphone—downloaded anywhere from the Internet or received through email. That's because, a specially crafted innocuous-looking video file can compromise your Android smartphone—thanks to a critical remote code execution vulnerability that affects over 1 billion devices running Android OSSource...

Continuar lendo

Popular Malware Families Using ‘Process Doppelgänging’ to Evade Detection

The fileless code injection technique called Process Doppelgänging is actively being used by not just one or two but a large number of malware families in the wild, a new report shared with The Hacker News revealed. Discovered in late 2017, Process Doppelgänging is a fileless variation of Process Injection technique that takes advantage of a built-in Windows function to evade detection andSource...

Continuar lendo

Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List

Cybersecurity researchers have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep flaw. BlueKeep is a highly-critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Services that could allow an unauthenticated remoteSource...

Continuar lendo

New Android Spyware Created by Russian Defense Contractor Found in the Wild

Cybersecurity researchers have uncovered a new piece of mobile surveillance malware believed to be developed by a Russian defense contractor that has been sanctioned for interfering with the 2016 U.S. presidential election. Dubbed Monokle, the mobile remote-access trojan has been actively targeting Android phones since at least March 2016 and is primarily being used in highly targeted attacks onSource...

Continuar lendo